[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv4 Security redux

To: ipsec@ans.net
Subject: Re: IPv4 Security redux
From: fran@zk3.dec.com
Date: Wed, 21 Apr 93 11:21:44 -0400

>In the government/military environment, different security levels are
>frequently required to use different keys (between the same host pairs).
>That argues for including a SAID, assuming we are trying to address
>that user community.  The SAID could be a single byte to satisfy that
>use.
>
>Tom Benkart
>ACC Systems

I have seen this requirement too.  Also, in the commercial arena there
may well be a desire to have a low-overhead security option, and a high
security (presumably higher overhead) security option for different
types of traffic between the same two hosts.  A case in point might be
that an application that uses DCE RPC with encryption would not need
(or desire) much in the way of network security, whereas an FTP session
that did not provide its own security could benefit from network
provided security.  I expect that a single byte would do for this too.

Prev by Date: Re: IPv4 Security redux
Next by Date: FYI: NLSP comments...
Prev by thread: Re: IPv4 Security redux
Next by thread: Re: IPv4 Security redux
Index(es):
- Main
- Thread